package com.jeremyfeinstein.okhttputil;

import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;

import javax.net.ssl.X509TrustManager;

/**
 * Created by zhatong on 2019/6/6.
 * 会商的https证书校验
 */

public class HSTrustManager implements X509TrustManager {
    @Override
    public void checkClientTrusted(X509Certificate[] chain, String authType) throws CertificateException {

    }

    @Override
    public void checkServerTrusted(X509Certificate[] chain, String authType) throws CertificateException {
        if (chain == null) {
            throw new IllegalArgumentException("Check Server x509Certificates is null");
        }

        if (chain.length < 0) {
            throw new IllegalArgumentException("Check Server x509Certificates is empty");
        }

        try {
            for (X509Certificate cert : chain) {
                 cert.checkValidity();
                //和App预埋的证书做对比
               // cert.verify(chain.getPublicKey());

            }
        } catch ( Exception e) {
            e.printStackTrace();
        }
    }

    @Override
    public X509Certificate[] getAcceptedIssuers() {
        return new X509Certificate[0];
    }
}
